def listen(use_new_keys=False): """ Listens on TIMESERVER_PORT for xml-rpc calls to functions: - get_signed_time(nonces) """ global timeserver_listener_thread # Set the timeserver's signing key. print(LOG_PREFIX + 'Loading timeserver signing key.') timeserver.set_timeserver_key(load_timeserver_key(use_new_keys)) print(LOG_PREFIX + 'Timeserver signing key loaded.') # Test locally before opening the XMLRPC port. test_demo_timeserver() # Create server server = xmlrpc_server.SimpleXMLRPCServer( (demo.TIMESERVER_HOST, demo.TIMESERVER_PORT), requestHandler=RequestHandler) #, allow_none=True) #server.register_introspection_functions() # Add a function to the Timeserver's xml-rpc interface. # Register function that can be called via XML-RPC, allowing a Primary to # request the time for its Secondaries. server.register_function(timeserver.get_signed_time, 'get_signed_time') server.register_function(get_signed_time_der_wrapper, 'get_signed_time_der') print(LOG_PREFIX + 'Timeserver will now listen on port ' + str(demo.TIMESERVER_PORT)) timeserver_listener_thread = threading.Thread(target=server.serve_forever) timeserver_listener_thread.setDaemon(True) timeserver_listener_thread.start()
def rpc_server(): httpd = xmlrpc_server.SimpleXMLRPCServer(('', 0)) httpd.register_function(pow) proxy_process = multiprocessing.Process(target=httpd.serve_forever, ) try: proxy_process.start() yield 'http://{}:{}'.format(*httpd.server_address) finally: proxy_process.terminate()
def launch_rpc_server(bind_addr, port, project_name, run_callback): server = xmlrpc_server.SimpleXMLRPCServer((bind_addr, port), logRequests=False) server.register_instance(RemoteControl(project_name, run_callback)) server.register_introspection_functions() print('\nMulti-Mechanize: %s listening on port %i' % (bind_addr, port)) print('waiting for xml-rpc commands...\n') try: server.serve_forever() except KeyboardInterrupt: pass
def listen(): """ This is exclusively for the use of the demo website frontend. Listens on IMAGE_REPO_SERVICE_PORT for xml-rpc calls to functions: - add_target_to_image_repo - write_image_repo Note that you must also run host() in order to serve the metadata files via http. """ global xmlrpc_service_thread if xmlrpc_service_thread is not None: print(LOG_PREFIX + 'Sorry: there is already a listening Image Repository ' 'service thread.') return # Create server server = xmlrpc_server.SimpleXMLRPCServer( (demo.IMAGE_REPO_SERVICE_HOST, demo.IMAGE_REPO_SERVICE_PORT), requestHandler=RequestHandler, allow_none=True) # Register functions that can be called via XML-RPC, allowing users to add # target files to the image repository or to simulate attacks from a web # frontend. server.register_function(add_target_to_imagerepo, 'add_target_to_image_repo') server.register_function(write_to_live, 'write_image_repo') # Attack 1: Arbitrary Package Attack on Image Repository without # Compromised Keys. # README.md section 3.2 server.register_function(mitm_arbitrary_package_attack, 'mitm_arbitrary_package_attack') server.register_function(undo_mitm_arbitrary_package_attack, 'undo_mitm_arbitrary_package_attack') # Attack 2: Replay Attack without Compromised Keys # We don't bother performing the replay attack against the Image Repo; # demonstration on the Director Repo is enough. # Attack 3: Arbitrary Package Attack with Compromised Image Repository Keys # README.md section 3.5. Recovery in section 3.6 server.register_function(keyed_arbitrary_package_attack, 'keyed_arbitrary_package_attack') server.register_function(undo_keyed_arbitrary_package_attack, 'undo_keyed_arbitrary_package_attack') print(LOG_PREFIX + 'Starting Image Repo Services Thread: will now listen on ' 'port ' + str(demo.IMAGE_REPO_SERVICE_PORT)) xmlrpc_service_thread = threading.Thread(target=server.serve_forever) xmlrpc_service_thread.setDaemon(True) xmlrpc_service_thread.start()
def serve(self): server = xmlrpc_server.SimpleXMLRPCServer((config.root.parallel.server_addr, 0), allow_none=True, logRequests=False) try: self.port = server.server_address[1] self.state = ServerStates.WAIT_FOR_CLIENTS server.register_instance(self) _logger.debug("Starting Keepalive server") while self.state != ServerStates.STOP_SERVE: server.handle_request() _logger.debug("Exiting KeepAlive server loop") finally: server.server_close()
def serve(self): server = xmlrpc_server.SimpleXMLRPCServer((self.host, config.root.parallel.server_port), allow_none=True, logRequests=False) try: self.port = server.server_address[1] self.state = ServerStates.WAIT_FOR_CLIENTS server.register_instance(self) _logger.debug("Starting server loop") while self.state != ServerStates.STOP_SERVE: server.handle_request() if not self.interrupted: context.session.mark_complete() _logger.trace('Session finished. is_success={0} has_skips={1}', context.session.results.is_success(allow_skips=True), bool(context.session.results.get_num_skipped())) _logger.debug("Exiting server loop") finally: server.server_close()
def __init__(self, address=DEFAULT_ADDRESS, port=DEFAULT_PORT, debug=False): """ Constructor for RobotFrameworkServer :param address: Address to bind to. Default is localhost :type address: str :param port: Port to listen on. Default is 1471 :type port: int :param debug: Run in debug mode. This changes the logging level and does not cleanup the workspace :type debug: bool """ self._address = address self._port = port self._server = xmlrpc_server.SimpleXMLRPCServer((address, int(port)), encoding='utf-8') self._server.register_function(RobotFrameworkServer.execute_robot_run, self.EXECUTE_FUNC) logger.setLevel(logging.DEBUG if debug else logging.INFO)
def listen(): """ Listens on an available port from list PRIMARY_SERVER_AVAILABLE_PORTS, for XML-RPC calls from demo Secondaries for Primary interface calls. """ I_TO_PRINT = TO_PRINT + uptane.YELLOW + '[listen()]: ' + uptane.ENDCOLORS #TODO: Print to be deleted print(str('%s %s' % (I_TO_PRINT, 'Listening...'))) #TODO: Until here # Create server to listen for messages from Secondaries. In this # demonstration, an XMLRPC server is used and communications are sent in the # clear. While this cannot affect the validity of ECU Manifests or violate # the validity of images or metadata due to the protections of Uptane, # whatever mechanism of transit an OEM employs should nonetheless be # secured per the Uptane Deployment Considerations document. # The server code employed should be hardened against buffer overflows and # the like. server = None successful_port = None last_error = None for port in demo.PRIMARY_SERVER_AVAILABLE_PORTS: try: server = xmlrpc_server.SimpleXMLRPCServer( (demo.PRIMARY_SERVER_HOST, port), requestHandler=RequestHandler, allow_none=True) except socket.error as e: print('Failed to bind Primary XMLRPC Listener to port ' + repr(port) + '. Trying next port.') last_error = e else: successful_port = port break #TODO: Print to be deleted print('Primary will now listen on port ' + str(successful_port)) #TODO: Until here if server is None: # All ports failed. assert last_error is not None, 'Programming error' raise last_error #server.register_introspection_functions() # Register functions that can be called via XML-RPC, allowing Secondaries to # submit ECU Version Manifests, requests timeserver attestations, etc. # Implementers should carefully consider what protocol to use for sending # ECU manifests. They may not want them sent in the clear, for example. # In general, the interface below is not expected to be secure in this # demonstration. server.register_function( # This wrapper is now necessary because of ASN.1/DER combined with XMLRPC: # XMLRPC has to wrap binary data in a Binary() object, and the raw data # has to be extracted before it is passed to the underlying primary.py # (in the reference implementation), which doesn't know anything about # XMLRPC. register_ecu_manifest_wrapper, 'submit_ecu_manifest') # The previous line used to be this: #primary_ecu.register_ecu_manifest, 'submit_ecu_manifest') # Please note that registrations here are NOT secure, and intended for # convenience of the demonstration. An OEM will have their own mechanisms for # adding ECUs to their inventory server. server.register_function(primary_ecu.register_new_secondary, 'register_new_secondary') server.register_function(get_time_attestation_for_ecu, 'get_time_attestation_for_ecu') # Distributing images this way is not ideal: there is no method here (as # there IS in TUF in general) of detecting endless data attacks or slow # retrieval attacks. OEMs will have their own mechanisms for distribution # from Primary to Secondary, and these should follow advice in the Uptane # Deployment Considerations document. server.register_function(get_image_for_ecu, 'get_image') server.register_function(get_metadata_for_ecu, 'get_metadata') # This again is for convenience in the demo. While I don't see an obvious # security issue, it should be considered whether or not checking such a bit # before trying to update foils reporting or otherwise creates a security # issue. server.register_function(primary_ecu.update_exists_for_ecu, 'update_exists_for_ecu') # server.register_function(compromise_primary_and_deliver_arbitrary, # 'compromise_primary_and_deliver_arbitrary') print('Primary will now listen on port ' + str(successful_port)) server.serve_forever() #TODO: Print to be deleted print(str('%s %s' % (I_TO_PRINT, 'Returning...')))
from __future__ import division from six.moves import xmlrpc_server, xmlrpc_client # Restrict to a particular path. class RequestHandler(xmlrpc_server.SimpleXMLRPCRequestHandler): rpc_paths = ('/RPC2', ) # Create server server = xmlrpc_server.SimpleXMLRPCServer(("localhost", 8000), requestHandler=RequestHandler, allow_none=True) server.register_introspection_functions() server.logRequests = False # Register a function under a different name def adder_function(x, y): return x + y server.register_function(adder_function, 'add') def failure_function(code, message): raise xmlrpc_client.Fault(code, message) server.register_function(failure_function, 'failure')
def listen(): """ Listens on DIRECTOR_SERVER_PORT for xml-rpc calls to functions: - submit_vehicle_manifest - register_ecu_serial Note that you must also run host() in order to serve the metadata files via http. """ I_TO_PRINT = TO_PRINT + uptane.YELLOW + '[listening()]: ' + ENDCOLORS #TODO: Print to be deleted print(str('%s %s' % (I_TO_PRINT, 'Listening ...'))) #TODO: Until here global director_service_thread if director_service_thread is not None: print(LOG_PREFIX + 'Sorry: there is already a Director service thread ' 'listening.') return # Create server server = xmlrpc_server.SimpleXMLRPCServer( (demo.DIRECTOR_SERVER_HOST, demo.DIRECTOR_SERVER_PORT), requestHandler=RequestHandler, allow_none=True) # Register function that can be called via XML-RPC, allowing a Primary to # submit a vehicle version manifest. server.register_function( #director_service_instance.register_vehicle_manifest, register_vehicle_manifest_wrapper, # due to XMLRPC.Binary() for DER 'submit_vehicle_manifest') server.register_function( director_service_instance.register_ecu_serial, 'register_ecu_serial') # Interface available for the demo website frontend. server.register_function( director_service_instance.add_new_vehicle, 'add_new_vehicle') # Have decided that a function to add an ecu is unnecessary. # Just add targets for it. It'll be registered when that ecu registers itself. # Eventually, we'll want there to be an add ecu function here that takes # an ECU's public key, but that's not reasonable right now. # Provide absolute path for this, or path relative to the Director's repo # directory. server.register_function(add_target_to_director, 'add_target_to_director') server.register_function(write_to_live, 'write_director_repo') server.register_function( inventory.get_last_vehicle_manifest, 'get_last_vehicle_manifest') server.register_function( inventory.get_last_ecu_manifest, 'get_last_ecu_manifest') server.register_function( director_service_instance.register_ecu_serial, 'register_ecu_serial') server.register_function(clear_vehicle_targets, 'clear_vehicle_targets') # Attack 1: Arbitrary Package Attack on Director Repository without # Compromised Keys. # README.md section 3.1 server.register_function(mitm_arbitrary_package_attack, 'mitm_arbitrary_package_attack') server.register_function(undo_mitm_arbitrary_package_attack, 'undo_mitm_arbitrary_package_attack') # Attack 2: Replay Attack without Compromised Keys # README.md section 3.3 server.register_function(prepare_replay_attack_nokeys, 'prepare_replay_attack_nokeys') server.register_function(replay_attack_nokeys, 'replay_attack_nokeys') server.register_function(undo_replay_attack_nokeys, 'undo_replay_attack_nokeys') # Attack 3: Arbitrary Package Attack with a Compromised Director Key # README.md section 3.4. Recovery in section 3.6 server.register_function(keyed_arbitrary_package_attack, 'keyed_arbitrary_package_attack') server.register_function(undo_keyed_arbitrary_package_attack, 'undo_keyed_arbitrary_package_attack') # Attack 4: Arbitrary Package with Revoked Keys # (README.md section 3.7) server.register_function(sign_with_compromised_keys_attack, 'sign_with_compromised_keys_attack') server.register_function(undo_sign_with_compromised_keys_attack, 'undo_sign_with_compromised_keys_attack') print(LOG_PREFIX + 'Starting Director Services Thread: will now listen on ' 'port ' + str(demo.DIRECTOR_SERVER_PORT)) director_service_thread = threading.Thread(target=server.serve_forever) director_service_thread.setDaemon(True) director_service_thread.start()
def start_rpc_server(q): httpd = xmlrpc_server.SimpleXMLRPCServer(("127.0.0.1", 0)) httpd.register_function(pow) q.put("http://{}:{}".format(*httpd.server_address)) httpd.serve_forever()